About CompSec Direct

CompSec Direct is a C4ISR firm specialized in CyberSecurity. SDVOSB, QMCS & MBE certified firm of former DOD network operators.

Ransomware: Hacienda of Puerto Rico

By |2021-06-21T09:56:32-04:00June 21st, 2021|Categories: Attribution, Breach, Case Study, Contracts, Cyber, Defensive Methodology, Disclosure, Firewall, Forensic, Hacking, Incident Response, Reports|Tags: , , |

We are publishing a redacted case study related to the ransomware event that occurred at Hacienda of Puerto Rico. Although some elements have been removed from this case study, and a previous redacted case study concerning our involvement as Incident Response leads, it seems industry has not been able to adapt and improve it's resilience against [...]

Comments Off on Ransomware: Hacienda of Puerto Rico

Kleared4 closed-operation fly-away edge kit

By |2021-06-07T10:44:36-04:00June 7th, 2021|Categories: Automation, Cyber, Defensive Methodology, Design, Forensic, Hacking, Hunting, Incident Response, Networking|

We have started integrating closed-operation fly-away edge appliances with Kleared4, our disassociated cyber-operations, and proofing environment. #PCOE #PCTE #CyberRange Unlike other fly-away kits, this one is designed to operate completely closed! This model uses a Pelican 1200 case with a small Linux based PC. We recently used the device during a remote assessment on the other [...]

Comments Off on Kleared4 closed-operation fly-away edge kit

CompSec Direct wins firmware analysis prototype event held at Dreamport

By |2021-04-08T14:08:42-04:00June 8th, 2020|Categories: Automation, Cyber, Reports|Tags: , , , |

After placing 5th on a previous challenge, we were happy to place 1st on a subsequent firmware challenge. We improved our process, provided analysis and emulation findings to set us apart from the rest. Please visit https://dreamport.tech/events/event-rpe-the-broken-gear-in-the-watch-02.php for more information on the technical aspects of this challenge.

Comments Off on CompSec Direct wins firmware analysis prototype event held at Dreamport

Non-attribution classification model published

By |2021-04-08T14:59:32-04:00March 8th, 2020|Categories: Attribution, Cyber|Tags: , , , , |

The proposed model was published on the Military Cyber Professional Association (MCPA) 2020-2021 magazine. Although the author used humor in this publication; no standardized model currently exists to technically vet and verify how non-attribution is achieved. Instead, we opted to classify links starting from a point of origin and how this is perceived on receiving end [...]

Comments Off on Non-attribution classification model published

BSides PR 2019 Wrap-Up: It starts with you

By |2019-10-16T22:27:25-04:00October 16th, 2019|Categories: Case Study, Cyber, Defensive Methodology, Disclosure, Forensic, Incident Response, Laws, Legislation, Videos|Tags: , , , , , , , |

Our President, @jfersec, had the privilege of Keynote during BSides PR 2019. During our presentation, we discussed some hard truth's around: the way DeepFakes and "WeakFakes" are utilizedhow we are good imitators and bad innovators in Puerto Ricopast efforts associated with Accelerated Disclosures for public and private companies in Puerto Ricoflaws associated with contract negotiations with [...]

Comments Off on BSides PR 2019 Wrap-Up: It starts with you

CTF-Pasteables

By |2019-10-16T12:38:29-04:00October 16th, 2019|Categories: Cyber, Hacking, Pen-testing, Powershell, Scripts, Tor|

"Typing Kills", so even if you do not agree with this; it's true. Operator error grows the more you type. It's akin to "measure twice, cut once". In Capture the Flags (CTF's), we often redo the same methodology and the only thing we change are network variables and usernames, the syntax remains constant. Over the years, [...]

Comments Off on CTF-Pasteables

Open-Data wants to be free, but no one looks.

By |2021-11-30T12:32:25-05:00September 29th, 2019|Categories: e-Discovery, Hunting, Scripts|Tags: , , , , , , |

Problem: A few months ago, Giancarlo Gonzales, a former CIO for the island of Puerto Rico, indicated the lack of updates towards open-data in data.pr.gov. As part of an open-data initiative, Puerto Rico created its own version of data.gov, called data.pr.gov, which provides free and open access to government information datasets. Giancarlo alluded to the lack [...]

Comments Off on Open-Data wants to be free, but no one looks.

Case 1

By |2019-10-16T12:11:09-04:00August 27th, 2019|Categories: Attribution, Breach, Case Study, Contracts, Cyber, Defensive Methodology, Disclosure, Forensic, Hacking, Hunting, Incident Response, Laws, Reports|Tags: |

Case 1. If you like the case study, hit us up and let us know. Take care. Malware Analysis on Hybrid-Analysis. case1Download

Comments Off on Case 1

CompSec Direct now approved Cyber-security vendor in Maryland

By |2019-08-15T13:22:04-04:00August 15th, 2019|Categories: Contracts, Cyber, Defensive Methodology, Forensic, Hunting, News, Pen-testing, Social Engineering|Tags: , , , , , |

CompSec Direct has been approved as a Qualified Maryland Cybersecurity Seller (QMCS) by the Department of Commerce of Maryland. This allows us to provide cybersecurity services to qualifying companies under the Buy Maryland Cybersecurity (BMC) program. The program allows companies with 50 employees or less to purchase services and products from approved vendors like CompSec Direct. [...]

Comments Off on CompSec Direct now approved Cyber-security vendor in Maryland

White pages are back!: Aeronet Wireless exposes customer info over SNMP

By |2019-08-15T13:19:39-04:00October 12th, 2018|Categories: Disclosure, e-Discovery|Tags: , , |

Problem CompSec Direct recently became aware of an information disclosure problem affecting Aeronet Wireless customers in Puerto Rico. In short, querying Shodan.io for Aeronet Wireless and SNMP presents publicly accessible information, such as customer names, IP's, possible account ID's and geographic locations. Records Disclosed Code Proof https://www.shodan.io/search?query=org%3A%22Aeronet+Wireless%22+port%3A%22161%22 162.246.174.134    161    Linux XXX XXX 2.6.32.27 #2 [...]

Comments Off on White pages are back!: Aeronet Wireless exposes customer info over SNMP
Go to Top